BurpSuite Proxy 请求拦截常见白名单设置
BurpSuite Proxy 请求拦截常见白名单设置
白名单
And / Domain name / Dose not match
firefox\.com$
firefox\.com\.cn$
mozilla\.com$
mozilla\.net$
mozilla\.org$
google\.com$
googleapis\.com$
googletagmanager\.com$
google-analytics\.com$
getclicky\.com$
cnzz\.com$
bsb\.baidu\.com$
json 文件
Burp > Project > Project Options > Load Project Options
proxy_options.json
{
"project_options":{
"connections":{
"hostname_resolution":[],
"out_of_scope_requests":{
"advanced_mode":false,
"drop_all_out_of_scope":false,
"exclude":[],
"include":[],
"scope_option":"suite"
},
"platform_authentication":{
"credentials":[],
"do_platform_authentication":true,
"prompt_on_authentication_failure":false,
"use_user_options":true
},
"socks_proxy":{
"dns_over_socks":false,
"host":"",
"password":"",
"port":0,
"use_proxy":false,
"use_user_options":true,
"username":""
},
"timeouts":{
"domain_name_resolution_timeout":300000,
"failed_domain_name_resolution_timeout":60000,
"normal_timeout":120000,
"open_ended_response_timeout":10000
},
"upstream_proxy":{
"servers":[],
"use_user_options":true
}
},
"http":{
"redirections":{
"understand_3xx_status_code":true,
"understand_any_status_code_with_location_header":false,
"understand_javascript_driven":false,
"understand_meta_refresh_tag":true,
"understand_refresh_header":true
},
"status_100_responses":{
"remove_100_continue_responses":false,
"understand_100_continue_responses":true
},
"streaming_responses":{
"scope_advanced_mode":false,
"store":true,
"strip_chunked_encoding_metadata":true,
"urls":[]
}
},
"misc":{
"collaborator_server":{
"location":"",
"poll_over_unencrypted_http":false,
"polling_location":"",
"type":"default"
},
"logging":{
"requests":{
"all_tools":"",
"extender":"",
"intruder":"",
"proxy":"",
"repeater":"",
"scanner":"",
"sequencer":""
},
"responses":{
"all_tools":"",
"extender":"",
"intruder":"",
"proxy":"",
"repeater":"",
"scanner":"",
"sequencer":""
}
},
"scheduled_tasks":{
"tasks":[]
}
},
"sessions":{
"cookie_jar":{
"monitor_extender":false,
"monitor_intruder":false,
"monitor_proxy":true,
"monitor_repeater":false,
"monitor_scanner":false,
"monitor_sequencer":false
},
"macros":{
"macros":[]
},
"session_handling_rules":{
"rules":[
{
"actions":[
{
"enabled":true,
"match_cookies":"all_except",
"type":"use_cookies"
}
],
"description":"Use cookies from Burp's cookie jar",
"enabled":true,
"exclude_from_scope":[],
"include_in_scope":[],
"named_params":[],
"restrict_scope_to_named_params":false,
"tools_scope":[
"Scanner"
],
"url_scope":"all",
"url_scope_advanced_mode":false
}
]
}
},
"ssl":{
"client_certificates":{
"certificates":[],
"use_user_options":true
},
"negotiation":{
"allow_unsafe_renegotiation":false,
"automatically_select_compatible_ssl_parameters_on_failure":true,
"disable_ssl_session_resume":false,
"enabled_ciphers":[],
"enabled_protocols":[],
"use_platform_default_protocols_and_ciphers":true
}
}
},
"proxy":{
"http_history_display_filter":{
"by_annotation":{
"show_only_commented_items":false,
"show_only_highlighted_items":false
},
"by_file_extension":{
"hide_items":[
"js",
"gif",
"jpg",
"png",
"css"
],
"hide_specific":false,
"show_items":[
"asp",
"aspx",
"jsp",
"php"
],
"show_only_specific":false
},
"by_listener":{
"port":""
},
"by_mime_type":{
"show_css":true,
"show_flash":true,
"show_html":true,
"show_images":true,
"show_other_binary":true,
"show_other_text":true,
"show_script":true,
"show_xml":true
},
"by_request_type":{
"hide_items_without_responses":false,
"show_only_in_scope_items":false,
"show_only_parameterized_requests":false
},
"by_search":{
"case_sensitive":false,
"negative_search":false,
"regex":false,
"term":""
},
"by_status_code":{
"show_2xx":true,
"show_3xx":true,
"show_4xx":true,
"show_5xx":true
}
},
"intercept_client_requests":{
"automatically_fix_missing_or_superfluous_new_lines_at_end_of_request":false,
"automatically_update_content_length_header_when_the_request_is_edited":true,
"do_intercept":true,
"rules":[
{
"boolean_operator":"and",
"enabled":true,
"match_condition":"(^gif$|^jpg$|^png$|^css$|^js$|^ico$)",
"match_relationship":"does_not_match",
"match_type":"file_extension"
},
{
"boolean_operator":"or",
"enabled":false,
"match_relationship":"contains_parameters",
"match_type":"request"
},
{
"boolean_operator":"or",
"enabled":false,
"match_condition":"(get|post)",
"match_relationship":"does_not_match",
"match_type":"http_method"
},
{
"boolean_operator":"and",
"enabled":false,
"match_relationship":"is_in_target_scope",
"match_type":"url"
},
{
"boolean_operator":"and",
"enabled":true,
"match_condition":"firefox\\.com$",
"match_relationship":"does_not_match",
"match_type":"domain_name"
},
{
"boolean_operator":"and",
"enabled":true,
"match_condition":"firefox\\.com\\.cn$",
"match_relationship":"does_not_match",
"match_type":"domain_name"
},
{
"boolean_operator":"and",
"enabled":true,
"match_condition":"mozilla\\.com$",
"match_relationship":"does_not_match",
"match_type":"domain_name"
},
{
"boolean_operator":"and",
"enabled":true,
"match_condition":"mozilla\\.net$",
"match_relationship":"does_not_match",
"match_type":"domain_name"
},
{
"boolean_operator":"and",
"enabled":true,
"match_condition":"mozilla\\.org$",
"match_relationship":"does_not_match",
"match_type":"domain_name"
},
{
"boolean_operator":"and",
"enabled":true,
"match_condition":"cnzz\\.com$",
"match_relationship":"does_not_match",
"match_type":"domain_name"
},
{
"boolean_operator":"and",
"enabled":true,
"match_condition":"getclicky\\.com$",
"match_relationship":"does_not_match",
"match_type":"domain_name"
},
{
"boolean_operator":"and",
"enabled":true,
"match_condition":"google-analytics\\.com$",
"match_relationship":"does_not_match",
"match_type":"domain_name"
},
{
"boolean_operator":"and",
"enabled":true,
"match_condition":"google\\.com$",
"match_relationship":"does_not_match",
"match_type":"domain_name"
},
{
"boolean_operator":"and",
"enabled":true,
"match_condition":"googleapis\\.com$",
"match_relationship":"does_not_match",
"match_type":"domain_name"
},
{
"boolean_operator":"and",
"enabled":true,
"match_condition":"googletagmanager\\.com$",
"match_relationship":"does_not_match",
"match_type":"domain_name"
},
{
"boolean_operator":"and",
"enabled":true,
"match_condition":"bsb\\.baidu\\.com$",
"match_relationship":"does_not_match",
"match_type":"domain_name"
},
{
"boolean_operator":"and",
"enabled":true,
"match_condition":"^redirector\\.gvt1\\.com$",
"match_relationship":"does_not_match",
"match_type":"domain_name"
},
{
"boolean_operator":"and",
"enabled":true,
"match_condition":"gvt1\\.com$",
"match_relationship":"does_not_match",
"match_type":"domain_name"
}
]
},
"intercept_server_responses":{
"automatically_update_content_length_header_when_the_response_is_edited":true,
"do_intercept":false,
"rules":[
{
"boolean_operator":"or",
"enabled":true,
"match_condition":"text",
"match_relationship":"matches",
"match_type":"content_type_header"
},
{
"boolean_operator":"or",
"enabled":false,
"match_relationship":"was_modified",
"match_type":"request"
},
{
"boolean_operator":"or",
"enabled":false,
"match_relationship":"was_intercepted",
"match_type":"request"
},
{
"boolean_operator":"and",
"enabled":false,
"match_condition":"^304$",
"match_relationship":"does_not_match",
"match_type":"status_code"
},
{
"boolean_operator":"and",
"enabled":false,
"match_relationship":"is_in_target_scope",
"match_type":"url"
}
]
},
"intercept_web_sockets_messages":{
"client_to_server_messages":true,
"server_to_client_messages":true
},
"match_replace_rules":[
{
"comment":"Emulate IE",
"enabled":false,
"is_simple_match":false,
"rule_type":"request_header",
"string_match":"^User-Agent.*$",
"string_replace":"User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0)"
},
{
"comment":"Emulate iOS",
"enabled":false,
"is_simple_match":false,
"rule_type":"request_header",
"string_match":"^User-Agent.*$",
"string_replace":"User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 5_1 like Mac OS X) AppleWebKit/534.46 (KHTML, like Gecko) Version/5.1 Mobile/9B176 Safari/7534.48.3"
},
{
"comment":"Emulate Android",
"enabled":false,
"is_simple_match":false,
"rule_type":"request_header",
"string_match":"^User-Agent.*$",
"string_replace":"User-Agent: Mozilla/5.0 (Linux; U; Android 2.2; en-us; Droid Build/FRG22D) AppleWebKit/533.1 (KHTML, like Gecko) Version/4.0 Mobile Safari/533.1"
},
{
"comment":"Require non-cached response",
"enabled":false,
"is_simple_match":false,
"rule_type":"request_header",
"string_match":"^If-Modified-Since.*$"
},
{
"comment":"Require non-cached response",
"enabled":false,
"is_simple_match":false,
"rule_type":"request_header",
"string_match":"^If-None-Match.*$"
},
{
"comment":"Hide Referer header",
"enabled":false,
"is_simple_match":false,
"rule_type":"request_header",
"string_match":"^Referer.*$"
},
{
"comment":"Require non-compressed responses",
"enabled":false,
"is_simple_match":false,
"rule_type":"request_header",
"string_match":"^Accept-Encoding.*$"
},
{
"comment":"Ignore cookies",
"enabled":false,
"is_simple_match":false,
"rule_type":"response_header",
"string_match":"^Set-Cookie.*$"
},
{
"comment":"Rewrite Host header",
"enabled":false,
"is_simple_match":false,
"rule_type":"request_header",
"string_match":"^Host: foo.example.org$",
"string_replace":"Host: bar.example.org"
},
{
"comment":"Add spoofed CORS origin",
"enabled":false,
"is_simple_match":true,
"rule_type":"request_header",
"string_replace":"Origin: foo.example.org"
},
{
"comment":"Remove HSTS headers",
"enabled":false,
"is_simple_match":false,
"rule_type":"response_header",
"string_match":"^Strict\\-Transport\\-Security.*$"
},
{
"comment":"Disable browser XSS protection",
"enabled":false,
"is_simple_match":true,
"rule_type":"response_header",
"string_replace":"X-XSS-Protection: 0"
}
],
"miscellaneous":{
"disable_logging_to_history_and_site_map":false,
"disable_out_of_scope_logging_to_history_and_site_map":false,
"disable_web_interface":false,
"remove_unsupported_encodings_from_accept_encoding_headers_in_incoming_requests":true,
"set_connection_close_header_on_requests":true,
"set_connection_close_header_on_responses":false,
"strip_proxy_headers_in_incoming_requests":true,
"strip_sec_websocket_extensions_headers_in_incoming_requests":true,
"suppress_burp_error_messages_in_browser":false,
"unpack_gzip_deflate_in_requests":false,
"unpack_gzip_deflate_in_responses":true,
"use_http_10_in_requests_to_server":false,
"use_http_10_in_responses_to_client":false
},
"request_listeners":[
{
"certificate_mode":"per_host",
"listen_mode":"loopback_only",
"listener_port":8080,
"running":false
},
{
"certificate_mode":"per_host",
"listen_mode":"loopback_only",
"listener_port":9090,
"running":true
}
],
"response_modification":{
"convert_https_links_to_http":false,
"enable_disabled_form_fields":false,
"highlight_unhidden_fields":false,
"remove_all_javascript":false,
"remove_input_field_length_limits":false,
"remove_javascript_form_validation":false,
"remove_object_tags":false,
"remove_secure_flag_from_cookies":false,
"unhide_hidden_form_fields":false
},
"ssl_pass_through":{
"automatically_add_entries_on_client_ssl_negotiation_failure":false,
"rules":[]
},
"web_sockets_history_display_filter":{
"by_annotation":{
"show_only_commented_items":false,
"show_only_highlighted_items":false
},
"by_listener":{
"listener_port":""
},
"by_request_type":{
"hide_incoming_messages":false,
"hide_outgoing_messages":false,
"show_only_in_scope_items":false
},
"by_search":{
"case_sensitive":false,
"negative_search":false,
"regex":false,
"term":""
}
}
},
"repeater":{
"follow_redirections":"never",
"process_cookies_in_redirections":false,
"unpack_gzip_deflate":true,
"update_content_length":true
},
"sequencer":{
"live_capture":{
"ignore_abnormal_length_tokens":true,
"max_length_deviation":5,
"num_threads":5,
"throttle":0
},
"token_analysis":{
"compression":true,
"correlation":true,
"count":true,
"fips_long_run":true,
"fips_monobit":true,
"fips_poker":true,
"fips_runs":true,
"spectral":true,
"transitions":true
},
"token_handling":{
"base_64_decode_before_analyzing":false,
"pad_short_tokens_at":"start",
"pad_with":"0"
}
},
"target":{
"filter":{
"by_annotation":{
"show_only_commented_items":false,
"show_only_highlighted_items":false
},
"by_file_extension":{
"hide_items":[
"js",
"gif",
"jpg",
"png",
"css"
],
"hide_specific":false,
"show_items":[
"asp",
"aspx",
"jsp",
"php"
],
"show_only_specific":false
},
"by_folders":{
"hide_empty_folders":false
},
"by_mime_type":{
"show_css":true,
"show_flash":true,
"show_html":true,
"show_images":true,
"show_other_binary":true,
"show_other_text":true,
"show_script":true,
"show_xml":true
},
"by_request_type":{
"hide_not_found_items":true,
"show_only_in_scope_items":false,
"show_only_parameterized_requests":false,
"show_only_requested_items":false
},
"by_search":{
"case_sensitive":false,
"negative_search":false,
"regex":false,
"term":""
},
"by_status_code":{
"show_2xx":true,
"show_3xx":true,
"show_4xx":true,
"show_5xx":true
}
},
"scope":{
"advanced_mode":false,
"exclude":[],
"include":[]
}
}
}
Leave a Reply